This subject has been discussed before on this blog. I support the right of parents to review what their children have been looking at, both morally in terms of my understanding of the way God has given parents authority over their children, and for the pragmatic reason that it’s likely that, with such an ability, they will give their children greater access to the web than they would otherwise have. So I think it should be possible to disable PBM. However, I’m not really interested in having that discussion again – this post is about the best way to do it, not whether it’s a good idea.
William Wood has written a program, “Incognito Gone”, which turns off private browsing or the equivalent in Chrome, IE and Firefox. However, his page says:
Note: While Incognito Gone completely removes the private browsing function from Google Chrome and Internet Explorer, in Mozilla Firefox only the option for private browsing is removed. In other words, if you know the keyboard shortcut for private browsing in Firefox, it is still available.
Technically, Chrome and IE support this disabling using a registry option and, if your Windows computer is set up correctly with user accounts for each person, then this is an effective method, and it’s what William’s program uses. For Firefox, he just drops in a userChrome.css to hide the menu item, which is clearly suboptimal.
Is it possible to have an “uninstallable extension”, under the same conditions (user account separation) as IE and Chrome have “unchangeable registry entries”? If so, that seems like it would provide parity with Chrome and IE.
If we added a private browsing pref, does “pref locking” still work, and could that be used? There are docs about it on the web, but no clear info as to whether it currently works and can be done in a non-defeatable manner. Are any EWG participants using it?
“God has given parents authority over their children”
In most developed countries the government grants you restricted (!) authority over your children. And it can take it away and transfer to other parties in cases of severe neglect or otherwise endangering your children.
Oh my god. The phrase god isn’t useful in any scientific context. In believe I’m god, but I have not granted you this right.
Thanks for the link! I enjoyed the blog.
… says the guy with Pedobear peeking in from the side of his Gravatar. ;-)
Someone can of course build Firefox with PBM disabled. I think you’d just need to insert a preflock for PBM-disabled at startup; I’ve used preflocks recently in this way, and they seem to work!
Otherwise, perhaps the machine administrator could take ownership of the relevant profile files. To do it right, you’d have to make sure that the user can’t create new profiles.
Pref locking is not exactly very convenient at the moment. I’ve been trying to push pref locking in arbitrary pref files for a while without much success (bug 440908).
It is possible to lock addons by making them readonly on the filesystem, but they can still be disabled. They just can’t be uninstalled. They used to be upgradable, but a (very) quick look at the code suggests this has been changed.
Why don’t you like the config file as the method for locking prefs?
Locking add-ons is very easy as well. You can just put them in the distribution/bundles directory and they don’t show up in add-ons.
Or with one line of CSS, you can prevent them from displaying in the add-ons manager.
Turning off a keystroke in Firefox is really easy. No idea why he couldn’t do that.
And yes, this is something that enterprises want.
There should be a pref to disable private browsing that can be locked.
There is a bug for the parental side.
What about sleazy internet-café owners? Wouldn’t they want to do that so they could seize your history, passwords, or whatever, and impersonate you (or try to) for illicit purposes (charging _their_ purchases to _your_ bank account, …)?
Arguably, they can do that without locking private browsing off.
> Why don’t you like the config file as the method for locking prefs?
Because it’s horrible.
There are plenty of ways they can do this without messing with private browsing – a keylogger, for example. If you don’t trust the compuer you are on, private browsing does not magically make it trustworthy.
Oh, and here’s another extension which claims to do this: https://addons.mozilla.org/en-US/firefox/addon/disable-private-browsing/
Presumably AMO frowns on addons which employ such a line of CSS, though?
“Someone can of course build Firefox with PBM disabled”
Or just remove all instances of it. Or, all access points to it?
An extension would be easier to maintain and it could have password protected options for admins to enable PBM (for whatever reason).
But is there a way to prevent new profiles from being created?
What’s the difference between dropping a JS file in the defaults/pref directory and dropping a file in where the EXE is located as a config?
It’s six of one, half dozen of the other.
And for the record, the config files are much more than just pref files, they actually allow syntax.
Yes, but you wouldn’t distribute an add-on like that through AMO.
> Is it possible to have an “uninstallable extension”’
If it were, I can think of several software companies who would abuse the capability to create painfully stupid uninstallable toolbar extensions. Consequently, I don’t think that’s the ideal way to solve the problem.
Perhaps the existence of private browsing mode could be a compile-time option, and an alternate version of Firefox could then easily be released that does not have it. Assuming that the parents are (or have access to, *other* than the kids) sufficiently competent computer users to handle basic administration tasks like software installation and setting up limited user accounts for their kids, they could do this.
One problem with both of these approaches is that current operating systems don’t prevent non-privileged users from running executable files that are stored in user-writable areas of the filesystem, so even in limited accounts the kids can download a browser of their choosing and install it in My Documents. Kids who understand computers well enough to do this are not particularly rare. Parents who understand computer security well enough to be aware of this issue are somewhat less common. This is not a problem Mozilla can solve.
The CORRECT solution is to put the computer (and the television if you have one) in a public area (public to the family, I mean, not the whole world — the living room would do), so that parents can, you know, actually be around their kids and be aware of what they’re doing and pay some measure of attention to them and, like, provide guidance and stuff. Back when more people used to do that sort of thing, we actually had a word for it: “parenting”.